neverending thread: zope ssl apache
Howdy: I am trying to get zope/cmf/plone to run behind apache/ssl. Ultimately, users will login via PAM to the intranet and access the site over https. Got apache and mod_ssl to work. Got apache and zope and rewrite and vhm to work. Can not get the whole shebang together to work happily. Right now i can go to: http://my.site.com and apache forwards the request to: http://my.site.com:8080/myzopesite and everything is good. Can go to: https://my.site.com and brings up the default apache page on port 443. I have tried quite a few differnet versions of this in the httpd.conf. Here is current (all of the SSL stuff is elsewhere in httpd.conf, is this a problem?) <VirtualHost 10.0.0.174> ServerName mems.zyvex.com RewriteEngine On RewriteRule ^/(.*) http://localhost:8080/VirtualHostBase/http/mems.zyvex.com:80/VirtualHostRoot... [P,L] </VirtualHost> I have run out of place to bang my head on, some suggestions would be nice. Thanks, patrick
Add the port number to the VirtalHost declaration: <VirtualHost 10.0.0.174:443> And make sure your RewriteRule specifies 443 instead of 80. HTH, Dylan On Thu, 2003-04-10 at 20:15, patrick sullivan wrote:
Howdy:
I am trying to get zope/cmf/plone to run behind apache/ssl. Ultimately, users will login via PAM to the intranet and access the site over https.
Got apache and mod_ssl to work. Got apache and zope and rewrite and vhm to work. Can not get the whole shebang together to work happily.
Right now i can go to:
and apache forwards the request to:
http://my.site.com:8080/myzopesite
and everything is good. Can go to:
and brings up the default apache page on port 443. I have tried quite a few differnet versions of this in the httpd.conf. Here is current (all of the SSL stuff is elsewhere in httpd.conf, is this a problem?)
<VirtualHost 10.0.0.174> ServerName mems.zyvex.com RewriteEngine On RewriteRule ^/(.*) http://localhost:8080/VirtualHostBase/http/mems.zyvex.com:80/VirtualHostRoot... [P,L] </VirtualHost>
I have run out of place to bang my head on, some suggestions would be nice.
Thanks,
patrick
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Add the port number to the VirtalHost declaration:
<VirtualHost 10.0.0.174:443>
And make sure your RewriteRule specifies 443 instead of 80.
Have tried both of these, including specifying https, for example here: ....https://localhost:8080/VirtualHostBase... and here: ....HostBase/https/mems.zyvex.com:443/VirtualH... This only causes the browser to sit and spin in place, constantly "Loading site ...". Soooo, I am still befuddled. Any more suggestions? Patrick
On Thu, 2003-04-10 at 20:15, patrick sullivan wrote:
Howdy:
I am trying to get zope/cmf/plone to run behind apache/ssl. Ultimately, users will login via PAM to the intranet and access the site over https.
Got apache and mod_ssl to work. Got apache and zope and rewrite and vhm to work. Can not get the whole shebang together to work happily.
Right now i can go to:
and apache forwards the request to:
http://my.site.com:8080/myzopesite
and everything is good. Can go to:
and brings up the default apache page on port 443. I have tried quite a few differnet versions of this in the httpd.conf. Here is current (all of the SSL stuff is elsewhere in httpd.conf, is this a problem?)
<VirtualHost 10.0.0.174> ServerName mems.zyvex.com RewriteEngine On RewriteRule ^/(.*)
[P,L] </VirtualHost>
I have run out of place to bang my head on, some suggestions would be nice.
Thanks,
patrick
Ah yes, I forget to mention the odd Incorrect or unexpected message: -12263 ... that pops up the first time I open a browser to view the site when I have the :444 in the VirtualHost directive and in the RewriteRule. More fun. patrick --- patrick sullivan <paddie@rocketmail.com> wrote:
Add the port number to the VirtalHost declaration:
<VirtualHost 10.0.0.174:443>
And make sure your RewriteRule specifies 443 instead of 80.
Have tried both of these, including specifying https, for example here:
....https://localhost:8080/VirtualHostBase...
and here:
....HostBase/https/mems.zyvex.com:443/VirtualH...
This only causes the browser to sit and spin in place, constantly "Loading site ...". Soooo, I am still befuddled.
Any more suggestions?
Patrick
On Thu, 2003-04-10 at 20:15, patrick sullivan wrote:
Howdy:
I am trying to get zope/cmf/plone to run behind apache/ssl. Ultimately, users will login via PAM to the intranet and access the site over https.
Got apache and mod_ssl to work. Got apache and zope and rewrite and vhm to work. Can not get the whole shebang together to work happily.
Right now i can go to:
and apache forwards the request to:
http://my.site.com:8080/myzopesite
and everything is good. Can go to:
and brings up the default apache page on port 443. I have tried quite a few differnet versions of this in the httpd.conf. Here is current (all of the SSL stuff is elsewhere in httpd.conf, is this a problem?)
<VirtualHost 10.0.0.174> ServerName mems.zyvex.com RewriteEngine On RewriteRule ^/(.*)
[P,L] </VirtualHost>
I have run out of place to bang my head on, some suggestions would be nice.
Thanks,
patrick
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
===== A disciple of another sect once came to a Zen Master as he was eating his morning meal. "I would like to give you this personality test", said the outsider, "because I want you to be happy." The Zen Master took the paper that was offered him and put it into the toaster, saying: "I wish the toaster to be happy, too."
On Fri, 2003-04-11 at 08:29, patrick sullivan wrote:
Add the port number to the VirtalHost declaration:
<VirtualHost 10.0.0.174:443>
And make sure your RewriteRule specifies 443 instead of 80.
Have tried both of these, including specifying https, for example here:
You don't want to do that.
and here:
....HostBase/https/mems.zyvex.com:443/VirtualH...
Excellent.
This only causes the browser to sit and spin in place, constantly "Loading site ...". Soooo, I am still befuddled.
Any more suggestions?
Well... you say that apache and mod_ssl are working. How, exactly, do you know that? When you made an https connection previously and it returned the Apache default document, did it come with the certificate you had configured? You say your SSL stuff is elsewhere... it seems like it should work that way, but I'm not sure it does... it's not how I do it in any event. :-) Certificates are host-specific... if not in theory, in practice anyway. So I put my SSL-related directives in the virtual host block used for SSL. I dimly recall that the main reason you'd do it the other way is if you're building an SSL-only, single-host server... and it doesn't sound like you are. Seeing the browser hang is a step in the right direction, I suspect. Previously, you weren't even reaching the correct VirtualHost... now it would appear you're reaching it but that it doesn't work correctly yet. I'd take a good look at what's in apcahe_home/logs/error_log for additional clues. SSL-related errors can be a bit obscure sometimes. HTH, Dylan
patrick sullivan wrote:
Have tried both of these, including specifying https, for example here:
No, you can't use hhtps to talk to the Zope server, because it doesn't support it. Thats why you have Apache for. ;)
....HostBase/https/mems.zyvex.com:443/VirtualH...
Yup, that looks right. http://localhost:8080/VirtualHostBase/https/mems.zyvex.com:443/VirtualHostRo... [L,P] sounds like a good start to me.
Ok, sorry forget to CC the list. I fixed it. When I configured openssh it modded my httpd.conf adding a new VirtualHost directive named <VirtualHost _default_:443> that was f-ing up my VirtualHost entry. Soooo, I added the correct RewriteRule to the above directive and !Tada! is works. Didn't CC the list because of embarresment ... =) patrick --- Lennart Regebro <lennart@regebro.nu> wrote:
patrick sullivan wrote:
Have tried both of these, including specifying https, for example here:
No, you can't use hhtps to talk to the Zope server, because it doesn't support it. Thats why you have Apache for. ;)
....HostBase/https/mems.zyvex.com:443/VirtualH...
Yup, that looks right.
http://localhost:8080/VirtualHostBase/https/mems.zyvex.com:443/VirtualHostRo...
[L,P]
sounds like a good start to me.
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
===== A disciple of another sect once came to a Zen Master as he was eating his morning meal. "I would like to give you this personality test", said the outsider, "because I want you to be happy." The Zen Master took the paper that was offered him and put it into the toaster, saying: "I wish the toaster to be happy, too."
participants (3)
-
Dylan Reinhardt -
Lennart Regebro -
patrick sullivan